You can configure notifications on the CWAAP portal so that you can stay informed about various events via Email, Slack, or Webhook.
There are two notification types available on the CWAAP portal:
- Account Level - Allows you to configure Email, Slack, or Webhook notifications.
- User Level - Allows you to configure email notifications that can be sent to a specific email address for various types of events associated with your CWAAP account.
The account level notifications are typically used to send notifications to a SOC, NOC, or other distribution lists and also for sending emails to individuals.
Configure account level notification
To configure account level notifications on the CWAAP portal:
- Click your user name and select Management from the drop-down menu.
- From the Account Management page, click Notifications, and then select Configure.
- The Configure Notifications page is separated into Email, Slack, and Webhooks allowing you to customize the types of notifications you want to receive per notification type.
Configure user level notification
To configure your personal User Level notification:
- click your user name in the upper right-hand corner, and then select Your Profile from the drop-down menu.
- If you are still on the Account Management -> Configure Notifications section, click edit your profile link at the top of the screen.
- The Edit Profile page has a section for Email Notifications similar to the Account Level Configurations section, where you can use the toggle On/Off buttons to enable or disable specific notifications are sent to your email address (that is listed at the top of the screen).
- click Save.
Notification types and methods
Email Addresses - Provide a valid email address or provide multiple valid emails addresses separated by a comma.
Slack - Enter the Slack Webhook URL and Slack Channel to receive notifications.
Webhooks - To configure Webhook notifications, see the CWAAP Portal Notification Webhooks page.
Each notification method lists the various types of notifications that you receive when you enable the On/Off toggle button. Following is a list of different notification types you can enable for your account.
Messages from the SOC - Notifications sent by the SOC.
D&A Alert (High) - A notification sent when high alert is triggered. You receive one notification per alert.
D&A Alert (Medium) - A notification sent when a medium alert is triggered. You receive one notification per alert.
D&A Alert (Low) - A notification sent when low alert is triggered. You receive one notification per alert.
D&A Flow Up/Down - A notification is sent when flow records are not received from one of your routers. You receive notification per router when flow is down, and notification per router when flow resumes.
Proxy Certificate Expiration - A notification sent when one of your SSL certificates are expiring soon. You receive one notification per expiring SSL certificate.
Event Start - A notification sent when mitigation begins. You receive one notification per attack.
Event End - A notification sent when mitigation ends. You receive one notification per attack.
Once you have selected all of your desired Notification methods and types, click Save at the bottom of the screen.